Samsung Blu-ray players bricked because of an XML config file
theregister.comOne thing you have to understand is that these internet-connected Blu-ray players in question are programmed to log their activities and send copies of this information to Samsung.
In some ways, this is even more disturbing than the bricking.
Only corporate greed can create a media player that watches you and needs constant firmware updates.
I have a VCR and DVD player which still work, and things like this are the reason I'm not buying any newer standalone players.
It reminds me of this old meme (I'm not aware of a Blu-ray version): https://files-cdn.sharenator.com/pirate-dvds-s800x825-43988....
It's worse than you think - it's not just your DVD player that's spying on you, but your TV is too -- many TV's use Automated Content Recognition to detect what you're watching regardless of source (DVD, over the air, streaming app, etc). They even detect commercials, and which language you're listening to.
https://www.adexchanger.com/ad-exchange-news/the-marketers-g...
"The telescreen received and transmitted simultaneously. Any sound that Winston made, above the level of a very low whisper, would be picked up by it, moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard. There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live -- did live, from habit that became instinct -- in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized."
> except in darkness,
With modern cameras even darkness is no guarantee.
Clearly missed out on infrared ;)
I worked for a company that used ACR to put interactive ads on your TV when the ad that it went with came on.
I pressed the meta data company manager we were working with about how they could make such accurate predictions about who was viewing based off just zip code and the content and he replied with "you would be amazed at what people will tell you about themselves for 5$ off netflix".
My productivity dropped and I had a hard time coming into work after that. (This was around the Snowden era).
LG got busted shortly after for not actually stopping the screen grabbing once a second and uploading it to a server even if you turned the option off in the UK. Not surprised.
Unfortunately piracy is often a good answer to this type of issue. If your smart TV is not connected to the internet, or you're not browsing on a licensed platform riddled with DRM and tracking agents, there's no chance of that data leaving your house.
That's my answer. I'll never own a "smart TV", just decent gaming graphics with a large monitor.
It's essentially impossible to buy a consumer TV that's not "smart" these days. There are commercial TV's/monitors, but those are both expensive and also typically not focused on image quality.
Best solution is to "air gap" your TV by not connecting it your wifi or ethernet.
I remember reading somewhere that some of them still tried to connect to any "open" WiFi network they could find
> Best solution is to "air gap" your TV by not connecting it your wifi or ethernet.
How long will it be before TVs embed a cellular modem with manufacturer-paid service to keep the smart features connected? “No setup, works straight out of the box” has to have at least some marketing value, after all.
That's exactly the point of 5G, if I understand it correctly.
Metal roof. Line walls with metallic insulation. There might be something available for the windows too.
For the walls and ceiling, prime with 2-3 coats of paint that contains carbon black and graphite. It's black, so several finish coats will be necessary. For the windows, use aluminum screening. That also works well on floors, under engineered wood flooring. Nylon plated with nickel and silver makes nice drapes.
> There might be something available for the windows too
Yeah, uninstall it and install Linux ;)
That's the point where you install a wifi jammer in your house and do cable only.
This might work in the US, units sold in the EU would be litigated out of production. Who knows, maybe we'll see a homebrew market for EU-built apps for US TV's.
Why do I need a TV? Arbitrarily large monitors are available for gaming.
And those manufacturers will double-down by scanning for an open wireless network and send the data stream without you knowing, or embed a cellular modem to bypass all that.
It's a truly disgusting trend.
Seriously? Are there WiFi interfaces in monitors now?
It's been a while since I bought one, I admit.
No. There isn't.
TVs are much much more larger. But you don't need a TV obviously.
I live in a 42 m^2 apartment, so I really don't need that large a monitor :)
I used to have a video-projector with a wide lens in a similar sized apartment. Great for movies and slow paced video-games.
There are still plenty of options in Europe, it is a matter of being picky.
As for image quality it is miles ahead of crufty CRT displays, Sony Triniton or the like.
Can you point me at an EU marketplace where I can pick a non-smart TV with modern good display? I've been desperate to find something like that for months.
Huh, I thought that gamers also like high quality images.
Please tell me there is a blacklist published somewhere that allows me to avoid ever purchasing a device which includes ACR?
How do you think manufactures can afford to sell these large screens at such cheap prices. They continue to make money off of you long after the initial sale. I'm surprised they just don't give them away (except it would probably raise too many questions).
Your digital cable boxes have been doing this for even longer.
>How do you think manufactures can afford to sell these large screens at such cheap prices.
TV prices have been falling for decades[1], long before manufacturers could truly benefit from the data provided by smart TVs. So other factors are probably much more important - such as cheaper materials, automated production, economies of scale etc.
Also, ad revenue wouldn't explain why "stupid" computer monitor prices have also fallen greatly during the same time period.
[1] https://u.osu.edu/zagorsky.1/2014/05/18/why-are-television-s...
They aren't getting much back from selling the data. Maybe $20 off.
And that is based on what data? BigCorps tend to not continue doing something if it's not going to bring them much return.
Somewhat tangential, but Facebook’s average revenue per user was less than $9 in 2019. I can’t imagine TV manufacturers can eek out nearly that much revenue from the data they collect. Especially considering that almost everyone is streaming or using cable and all of that data is going to Hulu/Netflix/Cable providers and then passed on to advertisers anyway.
FB has 1.5B+ daily users. $9 * 1.5B = A LOT OF CASH. Is that per month, per year? Plus Insta, plus WhatsApp
TV Manufactures may not sell 1B units (maybe they do), but it's still a large enough number that it will not be unnoticed in a balance sheet
In the case of Samsung and smart TVs, and to fully support the argument you are supporting, it is not sufficient that Samsung makes a lot of money. They need to make a lot more per user selling data than they would adding $20 to the price of that TV.
But that $20 price difference would probably mean that less people buy Samsung, so the maths isn't going to be that straightforward.
> How do you think manufactures can afford to sell these large screens at such cheap prices.
Screens are actually that cheap. Take a look at the monitor size/resolution price curve (for non-gaming monitors) and you'll see TVs fit perfectly on it.
Here's a random 55 inch LG panel available on Alibaba. $145 each for a minimum order of 15. That was just the first I found - I'm sure you can get cheaper (especially in bulk!)
Things like high refresh rate, GSync etc add to the cost of the monitor.
https://www.alibaba.com/product-detail/LG-full-color-FHD-mod...
Yup.
I bought a 75” 4K TV with HDR for $750 recently. I paid that much for my first 15” LCD computer monitor.
If I connect it to the internet I know it’s spying on me.
I'm with you, and I prefer "dumb" devices, but you can still buy these blu-ray players and not connect them to the internet.
The internet connectivity is sold as an additional feature so that you can use your blu-ray player to watch Netflix. I agree that I don't want logging on a device like this, but if I was going to connect one of these to the internet, I would at least want regular security updates.
Vote with your wallet. Don't buy these internet devices.
All it takes is for a visiting family member or friend who wants to watch Netflix while you're in another room/asleep/etc to click okay.
That’s what my in-laws did. “For some reason you hadn’t connected your smart TV to the internet; instead of using your Apple TV, we gave TCL your WiFi password. Aren’t you proud we figured it out on our own?”
Better be sure and block the TV from wifi then.
Easier said than done. It’s increasingly difficult to find a “dumb” TV these days. Almost all have smart functionality.
(and besides, most TVs have other ways of watching Netflix that ought to be more convenient for a visitor. A $30 Roku stick is all you need)
Don't buy a TV then, buy a monitor. https://www.dell.com/en-uk/work/shop/dell-55-4k-conference-r...
In the US, you can get a 55 inch dumb 4K TV for less than half the price.
https://www.walmart.com/ip/Sceptre-55-Class-4K-UHD-LED-TV-HD...
Is there any difference in display quality between a monitor and a TV with roughly the same specs?
I really doubt it. My 2015 Sony bravia has a similar 4K VA panel that I'm largely happy with. I absolutely hate that TV for reasons besides it's panel. And I regret blowing £850 on it.
You're not going to find IPS or OLED panels on those large form factor monitors for a sensible price, so do consider that.
Also keep an eye open for NEC digital signage displays on eBay, they're quite common coming from liquidated businesses. I bought a few of them for the office on the cheap and they're solid as long as you avoid the really old plasma models.
Traditionally, a computer monitor would be superior in quality since they are used at a closer distance where things like dead pixels are much more noticeable, in contrast to a TV that's mainly used for video at a longer distance.
With LCD monitors being available in sizes as large as TVs and with the same resolutions, I suspect there won't be much difference but perhaps panels intended for TVs may still have more allowable defects.
Sceptre makes 4K dumb TVs (Walmart).
You can also find other brand 4K dumb TVs on Amazon.
A guest might not see it plugged in and not know to try all the HDMI inputs before selecting the easy, built-in option on the TV.
Wow. I hadn't thought of this vulnerability. Time to set up MAC address blacklists on my router.
If you're going to that sort of length, maybe just filter DNS requests from the TV to whitelist Netflix and Amazon Prime Video, etc. but block everything else. A custom router might go one step further and only whitelist outbound traffic to IP addresses that were previously resolved through DNS.
Are Netflix, Amazon Prime Video, Youtube etc. IP addresses stable enough to be whitelisted, er, allowlisted without frequent updates?
If it's developed with the assumption that they can deliver rolling software updates, the software it ships with might be unusably buggy.
> you can still buy these blu-ray players and not connect them to the internet.
Unfortunately this is only a temporary solution IMO. Within the next decade I think you'll see these smart devices shipping with built in connectivity that's difficult or impossible to disable, especially if Starlink or other satellite based services really take off.
I don't think these kind ofdevices will use Starlink or an equivalent service any time soon. Starlink needs a "pizza box sized" satellite dish that constantly adjusts its position to stay in contact with the satellites. I assume they won't work inside, like other satellite based antennae.
If smart devices will have build in connectivity in the next decade, I think 5g will be a more likely candidate. But I don't see that happening either. Why would a company pay for the data of its users when most people will just connect it to their wifi?
I. Couldn't find a source on "pizza box sized", but I remember Elon Musk has said that. Also here is a picture of one of the antennae: https://www.reddit.com/r/Starlink/comments/hruzck/new_photo_...
I have been wondering for the past two decades: when will media companies will realize that better quality == sales? This sort of happened with iTunes Store when they got rid of DRM on the audio tracks, and with streaming video services (though the quality is severely lacking compared to Blu-Ray/HQ ripped Blu-Ray).
You still get the best experience (and quality) going through BitTorrent.
Don't worry though, the players will only upload the logs, after you've granted consent...
... which you'll automatically give by approving a tome-sized privacy policy
... that you have to accept if you want to use any kind of internet feature, such as watching Netflix.
I love the world we're living in...
This is the whole point of the GDPR.
You'll be surprised on how much crap Samsung packs into low-end & mid-end smartphones in India, especially since now the phones are made in India, available only in India(M-series).
The phones have major international data hoarder apps, their equivalent in India and their Samsung equivalent with its own app downloading services which masquerades as system updates to force the gullible into downloading Samsung apps even if you disable them.
The phones are very much subsidised for data hoarding.
I wouldn’t be surprised. I recently bought a low end android to use as a balloon tracker (which I didn’t realize was illegal until later) and had to wait around 10-20 minutes after connecting it to WiFi While it downloaded ~15 apps (some of which kept launching background services and crashing the phone because it would run out of memory.)
I used to think consumer PCs were bad but holy cow, the way android enables malware out of the box is insane! And in the name of protecting the user from malware they have no tools to deal with it.
>And in the name of protecting the user from malware they have no tools to deal with it
There are tools as the ecosystem is open and the community is extraordinarily talented, but it largely depends upon the device, whether the kernel source, driver blobs are available and boot loader can be unlocked; these were generally true for most devices from high profile manufacturers, but now things are changing as those manufacturers have ventured into $1000 smartphones and don't care for their enthusiast population.
Then again, new breed of pure Linux smartphones are available now. IMO, this should be the long term focus for any enthusiast wanting a free, open, secure mobile computing experience.
It depends on the device manufacturer which is the one installing malware in the first place. There is no hope for android unless something fundamentally changes.
I just hope we have a clean option like Pinephone with flagship quality hardware soon.
True, but unfortunately PinePhone shipments have been stopped to India & Russia[1]. I assume that would be the case for many other brands shipping their handsets from China/HongKong to India.
So, these local manufacturers are going to have free run shipping crap embedded phones for a long time.
[1]https://www.pine64.org/2020/07/15/july-updatepmos-ce-pre-ord...
There are still "dumb" Blu-ray players. Bought one for my parents a few years back. It does have an ethernet port, but they've never needed to connect it to the Internet, works fine. I guess if you're watching a movie that has Internet-enabled extra features, then you would need an internet-connected one, but are there really that many anyway?
> Only corporate greed
Go read up about the Cheka, Mao, and the Stasi.
I use Fastmail, eschew most social media, and run a PinePhone. I'm not a fan of corporate surveillance.
But they're amateurs compared with the murderous surveillance states of years past.
strangely it seems more acceptable when an OEM ships its laptops with Windows 10 which does the same thing
> needs constant firmware updates
Firmware updates are good. They can patch security issues and they can improve different aspects of the device. The security being the best plus obviously.
Wholeheartedly agree that there is no reason for a company like Samsung to track your every move despite you paying them hundreds for said devive. I'd be very surprised if they don't make a hefty profit from such devices. So why then, do they need to track us in addition to making us fork over our money.
I understand Google tracking us. I don't agree with it, but I understand it. Same with Facebook. But Samsung? Apple? No. They're even going to certain lengths to prevent you from fully enjoying your devices (such locked bootloader, making it hard to repair etc).
Firmware updates are good. They can patch security issues and they can improve different aspects of the device. The security being the best plus obviously.
The point is that there are no "security issues" in a dumb media player like the DVD player I have. Suppose an "attacker" (and that is stretching the definition a lot...) can create a disc that can overflow a buffer somewhere and crash the player or cause it to do something "interesting", and I have been somehow tricked into attempting to play this disc --- so what? It's not connected to the Internet, the firmware is read-only, there's literally nothing of value to attack. I'll just eject the disc (manually if necessary) and not play it again.
Instead this stupid "update culture" has created horribly buggy software that's barely functional "because we can always change it", and now we somehow need an Internet-connected media player,along with all the downsides --- including security --- that brings, just so they can (try to) silently attempt to fix some bugs that should never have gotten out in the first place? My experience tells me that they will fix one thing and break something else in the process, so there's overall no real improvement.
>there are no "security issues" in a dumb media player
There is also no Netflix playback, which is a very common use case for consumers.
BTW, the internet connection can be used for key revocation as a way to combat piracy and consumer choice. So, it's "worse" than "just" tracking.
I agree with the upgrade sentiment, it’s mostly a disaster and a step backwards for the consumer.
> Firmware updates are good. They [[can]] patch security issues and they can improve different aspects of the device.
Emphasis mine - updates also remove features and introduce security issues. It's not cut-and-dry "updates are good"
I am pretty sure my Samsung fridge update removed 3 of the limited ~12 or so apps it had in the first place.
If im not waiting for a big fix i avoid upgrades when possible for the reasons you mentioned above, thers nothing more annoying than an upgrade that downgrades features that were working just fine.
Im also doing some research before upgrading. Never the first to upgrade, i hate autoupdating software
What security updates would you foresee being necessary for a traditional BluRay player? Perhaps I'm not being creative enough, but I can't think of what a hacker would accomplish.
Other than allowing the player to read pirated BluRays, I guess, but that's not the user's problem.
Maybe making the player part of a DDOS botnet? That's all I can think of.
The only consumer electronic in my house I allow to talk to the internet is the AppleTV. Nothing else is allowed on the router. Not the TV. Not the disc player. Not the refrigerator. Not even the "smart" thermostat.
> Maybe making the player part of a DDOS botnet?
This only works if the player is connected to the internet, which shouldn't be necessary to begin with.
I don't know about security per se (as others have mentioned a dumb player doesn't need internet), but I could very easily see a decoder bugfix or something to do with i/o error conditions or mishandling some particular kind of disc...
Firmware updates can be good, but only the user with physical access should be able to install a firmware update. An example of how this might be done may be: There is a ROM firmware (always read-only) and EEPROM firmware (read-only except during firmware upgrade operations); the ROM firmware only checks a switch (which is a physical hardware switch can be set only by the user) and if set, will load the data on the DVD (or CD or CompactFlash or whatever other media it uses, but specifically not internet) as a firmware upgrade into the EEPROM; if the switch is not set, then the EEPROM is read-only and nothing can upgrade it, not even a custom firmware. (The user could also physically open it up and replace the EEPROM chip themself, if wanted, but this would normally be unnecessary.)
This, but removable microSD card instead of EEPROM.
I can’t vouch for Samsung but Vizio have said in the past that they make very little profit off their TVs and this is offset by data that is collected from usage.
https://www.techdirt.com/articles/20190114/08084341384/vizio...
Now I’d imagine that Samsung are making a hefty profit on the 75” 4K all singing sets (and still spying on you) but the cheaper ones seem to be priced so there isn’t much profit.
That's why: "What does a factory reset entail?" is a fascinating question.
Everyone assumes you'll lose your settings during a factory reset, but what isn't as clear cut: Does it revert the firmware to whatever it was shipped with (bugs and all)? Some vendors do, but most vendors do not.
A legitimate factory reset (inc. firmware) mechanism or USB boot/reflash would have likely saved Samsung considerable amounts of money here (relative to mailing all of them two ways, they could have e.g. sent out free USB keys with the firmware).
> Does it revert the firmware to whatever it was shipped with (bugs and all)? Some vendors do, but most vendors do not.
I think that's the only reasonable thing to do. Have the original firmware either as an actual rom, or only writable with an enable jumper flipped; use a power on key sequence to boot from the original firmware, copy to normal firmware and reboot into normal firmware (which is now the original firmware). Run through that process during manufacturing to confirm it works.
Regularly test that all released firmware images, especially those in the original firmware slot can successfully upgrade (or at least not crash). Preferably include current firmware version in all requests so you can give workaround responses as needed when you figure out you broke something -- in the hostname is ideal, as you can use that to work around version specific certificate issues.
The reason a Blu-Ray player (or a video game console) might not let you go back to original firmware is to prevent reverting to earlier firmwares that allowed copied media, etc. For those, you probably want to have a 'safe' firmware slot (or two, ideally) that drives the factory reset process, and only reflash those slots on some updates (to reduce testing needs)
>I think that's the only reasonable thing to do.
But that'd also mean you need double the flash capacity, which drives up the BOM cost.
Not necessarily. I worked on the team the managed the OS for an embedded hardware project (radio equipment) and our disk was partitioned four ways:
1. current operating system
2. previous operating system (and next, on upgrade)
3. data partition, shared across both current and previous OS
4. factory reset partition
That means if we needed to do a factory reset we could just load the firmware archive from the fourth partition onto the second partition and execute a normal upgrade, albeit to an older version. Since upgrade packages were small, maybe 500MB?, we could easily cut a little space from the rest of the partitions to make it fit without having to increase the flash capacity.
Yeah, but this is 2020... the blu-ray drive needs a copy of React with node_modules sized at 26Gb :P
That might be feasible for high margin products, but definitely not for consumer products. Case in point: enthusiast motherboards (as in, not the ones used for prebuilts) cheaping out and using 16MB ROM rather than 32MB, forcing them to remove features to accomdiate extra code needed to support new CPUs
Companies seem to care more about preventing users from rolling back firmware than they do about releasing firmware that works. I've had more than one device wrecked because it happened to be out of warranty when I installed a firmware update that ruined something important.
As the owner of the device, I couldn’t care less if reverting to earlier firmware has been exploited. Are device manufacturers making more money from customers or studios?
Device manufactures can't make money from customers if studios blacklist their players.
Isn’t all this crazy when pirates can just download the damn movie with no problem. They are just punishing the paying customer. I have a plex server and have zero issues.
Copyright theater.
In this case it wasn't even a firmware update that bricked the device. Just some meta data that told the device how to behave. So a factory reset should still have deleted that stupid XML file from the flash storage, which would totally have fixed the issue. Even with all the paranoia they could have had about reverting to an old firmware version and breaking copy protection through exploits. Just wipe the freaking flash storage and keep the current firmware.
The one issue I can see with this if the original firmware has an outdated TLS trust store, reverting to the original firmware might make it impossible to update it via normal means. Whether or not this is good or bad is an exercise left up to the reader.
Samsung runs their own CA with a long expiration, so at least they aren't affected by trust store issues. Amazon had an issue with this on Kindles though, if you didn't online update your Kindle in time, you have to do an offline update -- i think that one might have been sha-2 signatueres rather than a CA expiration though --- not sure.
> Does it revert the firmware to whatever it was shipped with (bugs and all)? Some vendors do, but most vendors do not.
I think if it doesn't revert to the firmware it had when shipped by the factory, it shouldn't be considered a factory reset.
Just a guess, but I would assume the term factory reset referred to clearing user settings before devices commonly had firmware update capabilities. So the legacy name should not be used to imply how the function should work in relation to firmware downgrade.
It should restore all writable storage to factory configuration. It shouldn't matter a whit whether that storage has code or config on it.
Who pays for more EEPROM/Flash capacity to save factory firmware?
I tried a factory reset with my Samsung TV after a firmware update injected advertising into the UI. Unfortunately it remained on the current firmware version and just cleared the settings.
>Samsung TV after a firmware update injected advertising into the UI.
Wouldn't Samsung and the rest have stopped this if people just returned the TV?
Probably. Connivingly they waited for 9 months after I bought the TV before releasing the firmware update.
I wrote a guide years ago on blocking them via DNS which loads of people found useful. These days a PiHole is probably a better option.
https://gist.github.com/peteryates/b44b70d19ccd52f62d66cdd4b...
Did you buy it with a credit card? Check to see if your credit card has additional return/warranty periods.
Or, if you have the time and opportunity, sue the manufacturer in small claims court.
Better yet, tell your friends and family about how the ads start after the return period closed, and encourage everyone not buy that garbage in the first place.
It really depends how these things are setup.
Factory resetes that reset the EEPROM basically usually means that the hardcoded values form the ROM/Firmware will be used on the next boot.
However you usually have another tier today which is flash storage which isn’t a mechanism that can be easily reset with a “factory reset” because it involves a file system.
If the bad config files are on the flash you need a factory reset mechanism that basically tells the main firmware or boot loader to recreate the file system on the next boot.
That's how factory reset works on Android — it simply erases the entire /data partition, which is the only one normally mounted read-write. Recovery might subsequently initialize an empty file system there, but bootloader certainly does not. (you're usually able to do a wipe from both)
The OS itself then initializes it all from scratch on the first boot.
If you could factory-reset to the original firmware on internal ROM (with buggy xml parser), wouldn’t you still get stuck in the boot loop?
They way I understood it, the write up in the article says that the XML is downloaded and parsed during boot.
Edit: I guess if you disabled network access you could boot. Derp
If they included a factory reset, a good one besides being accessible early in the boot process, would erase and restore the filesystem on the flash chip to how it originally shipped. So that policy file will either be erased or a safe default.
Then you just keep it offline until Samsung fixes the file on their server so you don't have to reset it again. They fixed it a few days later so it is safe now, so even old firmware should be safe to go online.
That article explains why that solution it isn't possible: 'there seems to be no way to recover the devices from the boot loop using normal means – such as a USB stick, CD or network – because the crash happens too early in the boot sequence.'
It would have been possible if it was done this way in the first place.
Thus, the discussion on how factory resets could/should work in consumer electronics...
I like the way you can erase and recover a Mac to a fresh install of MacOS, without needing a USB key or another working Mac. As long as you have an unmetered internet connection, you can recover to the same version of MacOS that shipped with the device.
So long as Apple chooses to make that version available for download.
That's a pretty horrid way. It used to be a time where you could just run a recovery partition to reinstall your operating system outside of re partitioning your hard drive.
Every maOS install includes a recovery partition which works as you describe. However, if your hard drive is screwed up thoroughly enough, the recovery partition may not be accessible. In that case, you can still access Internet Recovery, which is located on some sort of ROM and allows you to redownload a working recovery image from Apple's servers.
I've seen non-Mac laptops ship with a recovery partition but:
1. The recovery partition takes up some space, and
2. You (or malware) can mess up the recovery partition, and
3. The recovery partition doesn't exist if just upgraded the storage (e.g. replace the HDD with an SSD).
Macbooks have other failings (e.g. increasingly hard to upgrade/replace hardware yourself) but the operating system recovery works better than anything I've seen for Windows or Linux. Chromebooks have a factory reset key sequence, but that requires a working ChromeOS on the drive.
The recovery partition on non-Mac laptops typically comes with preinstalled crapware too, making it worse than getting a vanilla Windows DVD.
Modern Dell systems support Internet recovery at least in the business class line. Just tested it a few weeks ago on a Dell all-in-one.
Downside of this is that you could end up in a different broken state: ex. What if the original firmware now has too old of a CA bundle?
This could be avoided by using your own PKI for updates (and bundle your own root), but I assume most devices out there are using Web PKI for updates.
Better write a firmware to avoid this problem i have written in the past firmware for devices that don't affect the user experience including CA's, server domain or ip and other parts that don't require a full firmware update, better to "waste" development time thinking of all future problems that are out or your hand than bother the final users IMO. As a developer you should think every problem you could face or you aren't using the best practices of software development.
I think the best approach is to never, ever connect a device like a TV, Blu-ray player, etc to the internet. That's the only way they'll survive. So far no HDMI-based attacks.
Hotglue the ethernet port?
At least TVs on the (originally) European DVB broadcast system can pick up firmware from broadcasts.
Packets in the transport stream include the necessary firmware.
Don't know if they still do it in the USA, but about a decade ago Sony XBR TVs were able to OTA update from local PBS stations.
I don't know how useful that was. Most people hook up TVs to cable boxes.
I never hooked up my Sony to an antenna for exactly that reason. There were reports of people being unsatisfied with firmware updates. E.g. the motion interpolation algorithm changed.
This is still used for set-top boxes, at least in Belgium. It happens in the background now, but up until a few years ago when you first got one you'd only see the firmware downloader for an hour or two, with this block diagram where you could follow along: https://i.imgur.com/hh7eWZr.jpg
The worst part about that was if your signal quality wasn't great. You'd see blocks fail, and it'd take ages for them to come up again.
The boxes now ship with usable firmware preloaded, and will update in the background in the first few days usually.
That is the most LCAR upgrade screen I have ever seen...
that can't be an accident surely; i want it.
Is there anywhere I can read more about the technical details behind this? It sounds pretty interesting.
I searched for "DVB firmware", but didn't find much.
There are several Methods for this - search for OTA... One of our STB models are still using OTA via DVB-C (I’m in Denmark). Only without the the last few months are we replacing the QAM based SWUPDATE mechanism to an TCP/IP based mechanism (IP is required for using the STB in the first place even though it’s a DVB-C BOX)
EDIT Here are the standards you want to read: https://dvb.org/?standard=specification-for-system-software-...
ISDB-T has similar system and some Toshiba DVRs at some point had similar mass bootloop I remember
That doesn’t work if your BluRay player requires an internet connection. Yes, they exist.
Then return it and buy one that doesn't.
Please do name and shame.
I don’t know of any off the top of my head, but I have seen them.
Besides that though, firmware updates require an internet connection, and those updates contain keys for newer AACS versions. So if you want to play a just-released movie, you may need a player capable of AACS 72 (or whatever it’s at now), but yours may only support AACS 52 (out of the box).
MakeMKV does require an update for each new AACS version.
I have a TCL tv that has the Roku firmware on it. I have never connected it to the internet, but I made sure I could update it without the internet. When I shopped for a tv, I was adamant I needed a tv I could update via USB, and Roku’s firmware allows it.
All is not lost.
Every player whose key has been blacklisted. Owning BluRay is a poison pill.
Don't forget to lock all of your consumer electronics in Faraday cages to keep the Weefees out.
You broke it, you bought it Samsung. Full refund. Pick up the device at your expense or provide disposal costs as well.
Warranty is not any part of the issue if you come into my house and break a thing I own and is my property.
What makes you think that what they broke is your property?
Read the EULA. It almost certainly specifies that what you think you own, has in fact just been licensed to you.
No. This is actually nonsense.
Nobody has read the Eula. Nobody has knowingly and willingly agreed to those terms (if they exist). No vendor has expected those terms to be read (if they even exist). No vendor has explained those terms to a customer.
There is a contract for exchange of ownership. You can't actually break that contract with unconscinable means such as fine print that nobody reads nor is expected to read nor has had explained.
Read a EULA if you like but it will do absolutely nothing for you nor will it alter the law and the application of the law. Maybe you'll enjoy the read though?
It is an item, purchased in a shop in exchange for money. There's rather a lot of established law about that.
> You can't actually break that contract with unconscinable means such as fine print that nobody reads nor is expected to read nor has had explained.
You shouldn't be able to, but I think in most jurisdictions you most certainly can.
https://en.wikipedia.org/wiki/End-user_license_agreement#Enf...
These things can get really tricky.
We once almost bricked our devices (electronic magnifier/OCR for low vision people) with an update that added automatic calibration for the cheap crappy OEM touchscreen we used in some devices. It was so crappy all the screens we had in our company had the same serial numbers and returned different coordinates when you clicked in the same spot :)
Fortunately libev has calibration - you can provide a matrix to transform all touchscreen events with. We added calibration step - the software asked user to touch 4 corners on the screen, calculates inverse matrix and saves it to configuration for better touchscreen accuracy. We tested it extensively, and uploaded the version to our update server.
The next day customers started calling :) turns out libev (which reads the configuration during booting) had a "feature" that parsed the numbers in the configuration using the default system locale.
German locale uses . as thousands separator and , as fraction separator.
So, when you did the calibration and restarted the device with German locale your screen transformed the touschscreen events multiplying them by thousands - so you couldn't click on anything, so you couldn't use the device or click "update software".
It was even worse if you used german locale, saved the calibration configuration and then changed locale to English - then it simply crashed during boot because of wrong number format :)
Fortunately we left one usb port accessible so users could attach usb mouse and click "update" if they had the first situation, or download the whole firmware on an usb pendrive and update from it.
BTW the libev bug is fixed, now it always reads the configuration using C locale. Guess what happened when we updated the linux on our systems half a year later and that change was included :)
Programming errors happen, but thats why I don't get, that companies still use programming languages, where such errors result in a crash vs. an error which can be handled and recovered from. A faulty XML file shouldn't render the whole machine unusable.
Not sure if the language is at play, you can write shitty software in any language
Yes, you can create a mess in any language. However, a lot of languages protect you against a lot of potential mistakes and also give you means of safely recovering from errors. The XML parser might not be better when written in another language, but if it is called from within an error handler, the calling program could recover from the error.
What language makes it impossible to write if parse(config) == false then reboot?
In this case the XML file parsed fine, but the contents (specifically an empty element that the firmware expected to be populated) caused a crash.
I guess I should rephrase. What language makes it impossible to call abort() after a required XML element is found to be missing?
Presumably languages which default to optional instead of null with the default ergonomics being to “or_else” instead of “unwrap” will encourage safer error handling.
It works for me, but I don’t know if it is yet well known what the effect of developer UX on error rate is.
Nope, you are still not making sense. Just look at the "Facebook remotely disables all apps" issue. Both times it was issues deserializing - the deserialization wasn't unsafe or outright crashing, it was simply the SDK wasn't prepared to deal with the data it got.
I find that I can write code that is less likely to crash or fail more easily in some languages than in others. If this is not the case for you, I understand that it isn't compelling but that's okay. Not particularly looking for you to adopt anything.
UX things in some languages guide me to idiomatic code that is safer. And as engineers, we know there is no guarantee, only shades of improvement. But again, if language choice does not affect your program quality, so be it.
Impossible is a big word :). But while a C or C++ program tends to crash in the presence of an error, like with a segfault, a lot of languages just throw an error which you can catch. So you could proceed with the default values, if the file cannot be read correctly.
"can catch" doesn't give you anything, unless you actually do the catching.
C and C++ programs tend to crash in the presence of an error, but so do rust programs (panic), C# and java and js and python programs (unhandled exception). Some languages make it harder to footgun yourself for certain types of errors, but never all types of errors.
I have seen js programs (and similar stuff in other languages) crash because of something like
where the response was valid json, just the .list property was an empty array (or even undefined because omitted in the json).JSON.parse(response).list[0].string.lengthDoes rust protect from such mistakes (because I know some people on here like to claim rust is the answer to everything)? Verbatim from their docs:
I'd guess it's exactly such type of bounds error at play with the Saumsung thing, from the mention of that empty <list/> element in the article.let v = vec![0, 2, 4, 6]; println!("{}", v[6]); // it will panic!I have written such code myself because I was lazy or distracted or "need performance" or "this can never be empty per spec" or "oops, my range calculation was off by one", tho luckily I didn't outright brick anything, yet.
There is one difference in Rust: they are so confident of their memory model, panic!() only kills the current thread. The exception is if it happens in the main thread it kills everything.
In Samsung's case, if they put the parsing of the telemetry config xml file in a separate thread the default Rust behaviour is not to kill the entire thing. Sending the telemetry back to servers sounds like something you would do in a separate thread, so perhaps it would have saved them.
Other languages with similarity strong memory models like Java / Python / Haskell could do the same thing of course. And in those languages programmer could just emulate it in any case. C / C++ with their weak memory models could not sanely do it. A programmer could emulate it in those languages by using separate processes if the OS supported it, but they would have to forgo shared memory.
Not a huge difference perhaps - but Rust's strong memory model does buy you something.
Oh please. C and C++ programs can be coded to fail gracefully and "a lot of languages" fail in unpredictable and unfortunate ways and shitty programmers still don't catch those magic errors. This is a matter of crappy engineering, not per se crappy language.
You can have programs crash in any language. However, it is the question, how well a program can recover from an error. Having a concept of error handlers in the language, which can catch conditions occuring inside the code they are calling, leads to more robust programmers. Think of it as airbags and seat belts. Drivers, who don't make a mistake, wouldn't need them, but in reality shit happens, and they give us more survival chances.
if !parse(config) then reboot. Please, for the love of God.
I’m sorry but I find ruby „reboot unless config.parse?” much more readable here.
You can argue about which syntax is best. But irrespective, having a perfectly good boolean already, but then comparing it to true or false to unnecessarily create another boolean is always just wrong.
Whether it's an Exception or a segfault, the application still crashes because its input is in a bad state. This class of problem is not restricted to memory-unsafe languages.
> still use programming languages, where such errors result in
Unfortunately no language or other framework or system can completely do away with programming logic errors.
But that is the point I was trying to make. No language can save you from logic errors, but a lot of languages let you recover from errors in functions. The simplest way is exception handling in Java like try { parse(xmlFile) } catch ( ... ) {.... } There is no reason the device should get in an undefined state if parsing that file fails or even completely crash.
> There is no reason the device should get in an undefined state
That is impossible to guarantee. It isn't even possible to completely generally[†] test for - what you have there is a variant of the halting problem (https://en.wikipedia.org/wiki/Halting_problem).
[†] added "generically" there as it is possible, using formal methods from the start, to prove that a program is correct so will not error (in an unexpected manner) on any input, but such methods are time-consuming so outside of certain specific fields you'll not find them used
But not having a `try...catch` for such events is a kind of logic error.
The choice of programming language only gets you so far - it's up to the developers to actually handle errors in a meaningful way.
I'd argue that languages which force handling via the type system (e.g. `Result<T, Error>` in Rust) makes it less likely that bugs like this will go unhandled, since the position if the programmer does not explicitly opt out of error handling (with `unwrap` etc) is a compilation error rather than missing error handling.
What specifically goes in the catch block? Please be precise.
In the case of an appliance device where the XML file was externally supplied? Continue as though the file never existed (and possibly also delete the XML file).
Either proceed with some safe default values or at least go into a maintenance mode, where the file can be replaced or newly downloaded.
This seems more like a process / testing issue. Someone should've tested this update, at least once, before it was deployed to the public, right?
(I used to work at a company where people checked in code, asked someone else to test it, and it was clear it had never even been run!)
If they had used Rust, this whole thing could have been avoided!
Yet another reason for the warning don't connect your 'smart' TV, DVD player, or any other entertainment device to your wifi router. If you need Netflix, use a standalone device such as a Roku and connect it to the TV with HDMI.
smart my arse. it's as smart as the guy who designed/programmed it.
Our Samsung home theatre sound system's bluray stopped working years ago, everything else works fine.
We have a few Samsung products and each one has a particularly annoying problem.
The worst part is the support, I post a polite request on their website and always get a very concise unhelpful answer.
I no longer buy Samsung products.
Are these running Tizen?
Probably. Samsung hired thousands of c++ developers in a particular low-cost country to build Tizen. You can't really hire that many quality developers that quickly, and it showed.
Tizen is not a bad system by itself. For example, all Samsung watches run it, and they're the best wearables after iwatch.
It kinda is shitty, though. Do remember that it was built as a replacement for Android on smartphones, then when that, in a 100% expected way completely failed, was was relegated to the TV and smartwatch platforms where general requirements are perhaps 5x less.
Those two platforms probably only use the best 20-30% core functionality of what was built. And they're still second tier...
I was wondering what had happened to my blu-ray player; thanks for posting this!
This is one of the many reasons hardware companies stop supporting older tech. It’s just not in their interests to push updates down to them, and can seriously back fire